BitRAT botnet controller @172.105.27.61

The host at this IP address is obviously operated by cybercriminals. It is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

Malware botnet controller located at 172.105.27.61 on port 4898 TCP:
$ telnet 172.105.27.61 4898
Trying 172.105.27.61…
Connected to 172.105.27.61.
Escape character is ‘^]’

Other malicious domain names hosted on this IP address:
bit.banker-info.org. 5 IN A 172.105.27.61
pure.banker-info.org. 5 IN A 172.105.27.61

Referencing malware samples (MD5 hash):
0a3e22cb2c403e6d6a66a3b0563be179 — AV detection: 28 / 70 (40.00%)
ad31b1ae880cacf5792155c485a35c84 — AV detection: 49 / 68 (72.06%)

Опубликовано
В рубрике linode.com

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *